Lucene search
K
PacketstormRecent

50748 matches found

Packet Storm
Packet Storm
added 2022/05/16 12:0 a.m.228 views

Ransom.Conti MVID-2022-0605 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/146ec3f6c262d0f287e67ddb3cc69892.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Conti Vulnerability: Code Execution Description: Conti looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/16 12:0 a.m.282 views

Ransom.Conti MVID-2022-0602 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/7ba20fce7ac259f6062f73290c2e28cf.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Conti Vulnerability: Code Execution Description: Conti looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/16 12:0 a.m.263 views

HighCMS/HighPortal 12.x SQL Injection

Exploit Title: HighCMS/HighPortal v12.x SQL Inj Type : WEBAPPS "HighCMS/HighPortal" Platform : ASP.NET Date : 4/23/2022 Exploit Author : E1.Coders Software Link : https://aryanic.com/page/portal Version : v12.x Category : Webapps Tested on: Linux/Windows Google Dork:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/16 12:0 a.m.253 views

Ransom.Conti MVID-2022-0606 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/eedd1cfc7acd012bbec464aebc679ee4.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Conti Vulnerability: Code Execution Description: Conti looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/16 12:0 a.m.233 views

Ransom.Conti MVID-2022-0601 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/b485c36f28c5c967a50001c9e8d2c29c.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Conti Vulnerability: Code Execution Description: Conti looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/16 12:0 a.m.184 views

WordPress WP Event Manager 3.1.27 Cross Site Scripting

Exploit Title: WordPress Plugin WP Event Manager - Stored Cross Site Scripting Date: 15-05-2022 Exploit Author: Mariam Tariq - HunterSherlock Vendor Homepage: https://wordpress.org/plugins/wp-event-manager/ Version: 3.1.27 Tested on: Firefox Contact me: [email protected] Steps To Reproduce...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/16 12:0 a.m.209 views

Ransom.Conti MVID-2022-0603 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/6748dfe8e64dea2fc4c14691f7e766c6.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Conti Vulnerability: Code Execution Description: Conti looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/16 12:0 a.m.222 views

IpMatcher 1.0.4.1 Server-Side Request Forgery

Exploit Title: SSRF in .NET C IpMatcher v1.0.4.1 and below NuGet package: CVE-2021-33318 IpMatcher v1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2. incorrectly validates octal & hexadecimal input data, leading to indeterminate SSRF, LFI, RFI, and DoS vectors. Date: 22/09/2022 Exploi...

0.8AI score0.01921EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/05/16 12:0 a.m.408 views

Zyxel Firewall ZTP Unauthenticated Command Injection

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Zyxel Firewall ZTP Unauthenticated Command Injection', 'Description' = %q This module exploits CVE-2022-30525, an unauthenticated remote command...

0.2AI score0.99938EPSS
Exploits27
Packet Storm
Packet Storm
added 2022/05/16 12:0 a.m.189 views

Ransom.Conti MVID-2022-0604 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/0c4502d6655264a9aa420274a0ddeaeb.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.Conti Vulnerability: Code Execution Description: Conti looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/12 12:0 a.m.264 views

Royal Event Management System 1.0 SQL Injection

Exploit Title: Royal Event Management System 1.0 - 'todate' SQL Injection Authenticated Date: 2022-26-03 Exploit Author: Eren Gozaydin Vendor Homepage: https://www.sourcecodester.com/php/15238/event-management-system-project-php-source-code.html Software Link:...

8.8CVSS0.2AI score0.57317EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/05/12 12:0 a.m.488 views

F5 BIG-IP iControl Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'F5 BIG-IP iControl RCE via REST Authentication Bypass', 'Description' = %q This module exploits an authentication bypass vulnerability in the F5...

9.8CVSS0.2AI score0.99956EPSS
Exploits63
Packet Storm
Packet Storm
added 2022/05/12 12:0 a.m.360 views

F5 BIG-IP 16.0.x Remote Code Execution

Exploit Title: F5 BIG-IP 16.0.x - Remote Code Execution RCE Exploit Author: Yesith Alvarez Vendor Homepage: https://www.f5.com/products/big-ip-services Version: 16.0.x CVE : CVE-2022-1388 from requests import Request, Session import sys import json def title: print''' / \ \ / / | | \ / \ | \ / | ...

9.8CVSS10AI score0.99956EPSS
Exploits63
Packet Storm
Packet Storm
added 2022/05/12 12:0 a.m.217 views

Ransom.REvil MVID-2022-0600 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/daab2c9d58acc367032f32bb8097e310.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.REvil Vulnerability: Code Execution Description: REvil looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/12 12:0 a.m.204 views

Ransom.REvil MVID-2022-0597 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/7ff073cc9e4e6750ba52135ba02ee531.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.REvil Vulnerability: Code Execution Description: REvil looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/12 12:0 a.m.189 views

Ransom.REvil MVID-2022-0595 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/7a96d7a1f28bfb6ae36a15263a8a7135.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.REvil Vulnerability: Code Execution Description: REvil looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/12 12:0 a.m.265 views

TLR-2005KSH Arbitrary File Delete

Exploit Title: TLR-2005KSH - Arbitrary File Delete Date: 2022-05-11 Exploit Author: Ahmed Alroky Author Company : AIactive Version: 1.0.0 Vendor home page : http://telesquare.co.kr/ Authentication Required: No Tested on: Windows CVE: CVE-2021-46424 Proof-of-Concept Request DELETE /cgi-bin/test2.t...

9.4CVSS0.4AI score0.36834EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/05/12 12:0 a.m.204 views

Ransom.REvil MVID-2022-0599 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/ab1aaa8f96c61684736da00ece5a9c83.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.REvil Vulnerability: Code Execution Description: REvil looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/12 12:0 a.m.208 views

Ransom.REvil MVID-2022-0598 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/c9bf7216cdc2673bf4ee2af8b19bcfc8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.REvil Vulnerability: Code Execution Description: REvil looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/12 12:0 a.m.275 views

Ransom.REvil MVID-2022-0596 Code Execution

Discovery / credits: Malvuln John Page aka hyp3rlinx c 2022 Original source: https://malvuln.com/advisory/8ca35b7867e23a1bbb0fea6d51fc1b61.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Ransom.REvil Vulnerability: Code Execution Description: REvil looks for and executes DLLs ...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/12 12:0 a.m.248 views

College Management System 1.0 SQL Injection

Exploit Title: College Management System - 'coursecode' SQL Injection Authenticated Date: 2022-24-03 Exploit Author: Eren Gozaydin Vendor Homepage: https://code-projects.org/college-management-system-in-php-with-source-code/ Software Link:...

8.8CVSS0.3AI score0.28826EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.250 views

Microsoft CMD.EXE Integer Overflow

Hi @ll, the subject says it all: a 25 year old TRIVIAL signed integer arithmetic bug which may well have earned a PhD now crashes Windows' command interpreter CMD.exe via its builtin SET command. See their documentation: Classification CWE-190: Integer Overflow or Wraparound CWE-248: Uncaught...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.196 views

ImpressCMS 1.4.4 Arbitrary File Upload

Exploit Title: ImpressCMS v1.4.4 - Unrestricted File Upload Date: 7/4/2022 Exploit Author: Ünsal Furkan Harani Zemarkhos Vendor Homepage: https://www.impresscms.org/ Software Link: https://github.com/ImpressCMS/impresscms Version: v1.4.4 Description: Between lines 152 and 162, we see the function...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.208 views

UDisk Monitor Z5 Phone 2.0.3.0 Unquoted Service Path

Exploit Title: UDisk Monitor Z5 Phone - 'MonServiceUDisk.exe' Unquoted Service Path Discovery by: Edgar Carrillo Egea // https://twitter.com/ecarrilloeg Discovery Date: 2022-04-24 Vendor Homepage: https://www.zte.com.cn/global/ Tested Version: 2.0.3.0 Vulnerability Type: Unquoted Service Path...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.202 views

TCQ Unquoted Service Path

Exploit Title: TCQ - 'ITeCProteccioAppServer.exe' Unquoted Service Path Discovery by: Edgar Carrillo Egea - https://twitter.com/ecarrilloeg Discovery Date: 2022-04-25 Vendor Homepage: https://itec.es/programas/ Vulnerability Type: Unquoted Service Path Privilege Escalation Tested on OS: Microsoft...

0.3AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.230 views

DLINK DIR850 Insecure Direct Object Reference

Exploit Title: DLINK DIR850 - Insecure Access Control Product: Dlink Model: DIR850 Date: 14/1/2022 CVE : CVE-2021-46378 Exploit Author: Ahmed Alroky Hardware version: b1 Firmware version: ET850-1.08TRb03 Vendor home page: https://www.dlink.com/ Exploit : Visit http:///config.dat...

7.5CVSS7.6AI score0.31863EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.296 views

Magento eCommerce CE 2.3.5-p2 SQL Injection

Exploit Title: Magento eCommerce CE v2.3.5-p2 - Blind SQLi Date: 2021-4-21 Exploit Author: Aydin Naserifard Vendor Homepage: https://www.adobe.com/ Software Link: https://github.com/magento/magento2/releases/tag/2.3.5-p2 Version: 2.3.5-p2 Tested on: 2.3.5-p2 POC: 1PUT...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.272 views

TLR-2005KSH Arbitrary File Upload

Exploit Title: TLR-2005KSH - Arbitrary File Upload Date: 2022-05-11 Shodan Dork: title:"Login to TLR-2021" Exploit Author: Ahmed Alroky Author Company : Aiactive Version: 1.0.0 Vendor home page : http://telesquare.co.kr/ Authentication Required: No Tested on: Windows CVE: CVE-2021-45428...

9.8CVSS0.3AI score0.56931EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.452 views

Bitrix24 Remtoe Code Execution

Exploit Title: Bitrix24 - Remote Code Execution RCE Authenticated Date: 4/22/2022 Exploit Author: picaroo Vendor Homepage: https://www.bitrix24.com/apps/desktop.php Tested on: Linux os /usr/bin/env python Created by heinjame import requests import re from bs4 import BeautifulSoup import...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.412 views

Wondershare Dr.Fone 12.0.7 Privilege Escalation

Exploit Title: Wondershare Dr.Fone 12.0.7 - Privilege Escalation ElevationService Date: 4/27/2022 Exploit Author: Netanel Cohen & Tomer Peled Vendor Homepage: https://drfone.wondershare.net/ Software Link: https://download.wondershare.net/drfonefull4008.exe Version: up to 12.0.7 Tested on: Window...

9CVSS0.7AI score0.20982EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.238 views

WordPress Blue Admin 21.06.01 Cross Site Request Forgery

Exploit Title: WordPress Plugin Blue Admin 21.06.01 - Cross-Site Request Forgery CSRF Date: 2021-07-27 Exploit Author : Abisheik M Vendor Homepage : https://wpscan.com/plugin/blue-admi Version : alert/XSS/' /...

8.8CVSS0.1AI score0.04087EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.198 views

ManageEngine ADSelfService Plus Build 6118 NTLMv2 Hash Exposure

Exploit Title: ManageEngine ADSelfService Plus Build 6118 - NTLMv2 Hash Exposure Exploit Author: Metin Yunus Kandemir Vendor Homepage: https://www.manageengine.com/ Software Link: https://www.manageengine.com/products/self-service-password/download.html Details:...

8.8CVSS8.9AI score0.07947EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.276 views

WordPress Advanced Uploader 4.2 Shell Upload

Exploit Title: WordPress Plugin Advanced Uploader 4.2 - Arbitrary File Upload Authenticated Google Dork: - Date: 2022-03-13 Exploit Author: Roel van Beurden Vendor Homepage: - Software Link: https://downloads.wordpress.org/plugin/advanced-uploader.4.2.zip Version: =4.2 Tested on: WordPress 5.9 on...

0.14977EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.209 views

DLINK DIR850 Open Redirection

Exploit Title: DLINK DIR850 - Open Redirect Product: Dlink Model: DIR850 Date: 14/1/2022 CVE: CVE-2021-46379 Exploit Author: AhmedAlroky Hardware version: b1 Firmware version: ET850-1.08TRb03 Vendor home page: https://www.dlink.com/ Exploit : Visit...

6.1CVSS6.3AI score0.15701EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.241 views

Navigate CMS 2.9.4 Server-Side Request Forgery

!/usr/bin/env python3 Exploit Title: Navigate CMS 2.9.4 - Server-Side Request Forgery SSRF Authenticated Exploit Author: cheshireca7 Vendor Homepage: https://www.navigatecms.com/ Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.9.4r1561.zip/download Version:...

4.9CVSS0.9AI score0.2195EPSS
Exploits6
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.202 views

Akka HTTP 10.1.14 Denial Of Service

Exploit Title: Akka HTTP Denial of Service via Nested Header Comments Date: 18/4/2022 Exploit Author: cxosmo Vendor Homepage: https://akka.io Software Link: https://github.com/akka/akka-http Version: Akka HTTP 10.1.x 10.1.15 & 10.2.x 10.2.7 Tested on: Akka HTTP 10.2.4, Ubuntu CVE : CVE-2021-42697...

7.5CVSS0.36139EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.193 views

Beehive Forum 1.5.2 Account Takeover

Exploit Title: Beehive Forum - Account Takeover Date:08/05/2022. Exploit Author: Pablo Santiago Vendor Homepage: https://www.beehiveforum.co.uk/ Software Link: https://sourceforge.net/projects/beehiveforum/ Version: 1.5.2 Tested on: Kali Linux and Ubuntu 20.0.4 CVE N/A PoC:...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.323 views

ExifTool 12.23 Arbitrary Code Execution

Exploit Title: ExifTool 12.23 - Arbitrary Code Execution Date: 04/30/2022 Exploit Author: UNICORD NicPWNs & Dev-Yeoj Vendor Homepage: https://exiftool.org/ Software Link: https://github.com/exiftool/exiftool/archive/refs/tags/12.23.zip Version: 7.44-12.23 Tested on: ExifTool 12.23 Debian CVE:...

7.8CVSS0.3AI score0.99981EPSS
Exploits39
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.212 views

e107 CMS 3.2.1 Arbitrary File Upload / Cross Site Scripting

Exploit Title: e107 CMS v3.2.1 - Multiple Vulnerabilities Date: 30/04/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://e107.org/ Software Link: https://e107.org/download Version: 3.2.1 Tested on: Windows 10 using XAMPP, Apache/2.4.48 Win64...

0.1AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.223 views

WebTareas 2.4 SQL Injection

Exploit Title: WebTareas 2.4 - Blind SQLi Authenticated Date: 04/20/2022 Exploit Author: Behrad Taher Vendor Homepage: https://sourceforge.net/projects/webtareas/ Version: 2.4p3 CVE : CVE-2021-43481 The script takes 3 arguments: IP, user ID, session ID Example usage: python3 webtareassqli.py...

9.8CVSS0.05452EPSS
Exploits5
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.257 views

CSZ CMS 1.3.0 SQL Injection

Exploit Title: CSZ CMS 1.3.0 - 'Multiple' Blind SQLi Date: 2021-04-22 Exploit Author: Dogukan Dincer Vendor Homepage: https://www.cszcms.com/ Software Link: https://sourceforge.net/projects/cszcms/files/install/CSZCMS-V1.3.0.zip/download Version: 1.3.0 Tested on: Kali Linux, Windows 10, PHP 7.2.4...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.290 views

SAP BusinessObjects Intelligence 4.3 XML Injection

Exploit Title: SAP BusinessObjects Intelligence 4.3 - XML External Entity XXE Google Dork: N/A Date: 4/21/2022 Exploit Author: West Shepherd Vendor Homepage: https://www.sap.com/ Software Link: https://www.sap.com/ Version: 4.2 and 4.3 Tested on: Windows Server 2019 x64 CVE : CVE-2022-28213...

8.1CVSS0.3AI score0.12476EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.204 views

DLINK DAP-1620 A1 1.01 Directory Traversal

Exploit Title: DLINK DAP-1620 A1 v1.01 - Directory Traversal Date: 27/4/2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://me.dlink.com/consumer Version: DAP-1620 - A1 v1.01 Tested on: Linux CVE : CVE-2021-46381 POST /apply.cgi HTTP/1.1 Content-Type:...

7.5CVSS0.57984EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.253 views

Joomla SexyPolling 2.1.7 SQL Injection

Exploit Title: Joomla Plugin SexyPolling 2.1.7 - SQLi Google Dork: intext:"Powered by Sexy Polling" Date: 2022-02-08 Exploit Author: Wolfgang Hotwagner Vendor Homepage: https://2glux.com/projects/sexypolling Software Link: https://2glux.com/downloads/files/free/sexypollingpack2.1.72glux.com.zip...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.219 views

Bookeen Notea BK_R_1.0.5_20210608 Directory Traversal

Exploit Title: Bookeen Notea - Directory Traversal Date: December 2021 Exploit Author: Clement MAILLIOUX Vendor Homepage: https://bookeen.com/ Software Link: N/A Version: BKR1.0.520210608 Tested on: Bookeen Notea Android 8.1 CVE : CVE 2021-45783 The affected version of the Bookeen Notea System...

4.9AI score0.01907EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.284 views

Cyclos 4.14.7 Cross Site Scripting

Exploit Title: Cyclos 4.14.7 - 'groupId' DOM Based Cross-Site Scripting XSS Date: 17/04/2021 Exploit Author: Tin Pham aka TF1T of VietSunshine Cyber Security Services Vendor Homepage: https://www.cyclos.org/ Version: Cyclos 4.14.7 and prior Tested on: Ubuntu CVE : CVE-2021-31673 Description: A...

6.1CVSS0.03837EPSS
Exploits7
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.230 views

PyScript 2022-05-04-Alpha Source Code Disclosure

Exploit Title: PyScript Remote Emscripten VMemory Python libraries Source Codes Read Date: 5-9-2022 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: https://pyscript.net/ Software Link: https://github.com/pyscript/pyscript Version: 2022-05-04-Alpha Tested on: Ubuntu Apache Server CVE :...

7.6AI score0.13268EPSS
Exploits4
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.417 views

Wondershare Dr.Fone 12.0.7 Privilege Escalation

Exploit Title: Wondershare Dr.Fone 12.0.7 - Privilege Escalation InstallAssistService Date: 4/27/2022 Exploit Author: Netanel Cohen & Tomer Peled Vendor Homepage: https://drfone.wondershare.net/ Software Link: https://download.wondershare.net/drfonefull4008.exe Version: up to 12.0.7 Tested on:...

10CVSS0.5AI score0.2272EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.623 views

Cisco RV340 SSL VPN Unauthenticated Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco RV340 SSL VPN Unauthenticated Remote Code Execution', 'Description' = %q This module exploits a stack buffer overflow in the Cisco RV serie...

10CVSS0.6AI score0.72458EPSS
Exploits7
Packet Storm
Packet Storm
added 2022/05/11 12:0 a.m.298 views

Anuko Time Tracker 1.20.0.5640 SQL Injection

Exploit Title: Anuko Time Tracker - SQLi Authenticated Date: 2022-05-03 Exploit Author: Altelus Vendor Homepage: https://www.anuko.com/ Software Link: https://github.com/anuko/timetracker/tree/0924ef499c2b0833a20c2d180b04fa70c6484b6d Version: Anuko Time Tracker 1.20.0.5640 Tested on: Linux CVE :...

8.8CVSS0.5AI score0.07159EPSS
Exploits5
Total number of security vulnerabilities50748